Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations TouchToneTommy on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

conditional windows authentication

Status
Not open for further replies.
garwain

garwain

Programmer
Jan 30, 2002
461
CA
in classic asp, is there any way that I can have my site set for anonymous access, but under certain conditions, force a windows authentication?

I have one file /db/db.asp that contains my database login function, which currently uses a fixed account, but if the user that has logged into my site is a employee, then I would like to use windows authentication to be able to use their login for the database connection instead of using the default account. This is because I need to improve the accuracy of my logging functions (mostly in triggers). Showing WEBSERVER as the user is fine for external users, but I need to be able to log employees transactions with more detail

The only solution I have been able to find is to move all password protected parts to a sub folder, then have a virtual folder linked to it, so that one uses anonymous and the other uses windows auth, then have the login script redirect to the appropriate folder, but this will involve tracting down every link through the site that uses an absolute reference, as well as tracing down links in 3 other sites, and finding links stored in several tables in the database as well, so I'm looking for a way that will allow me to keep the site structure as is,
 
Sort by date Sort by votes
Nothing really to do with ASP, Classic or not. Windows Authentication is done at server level not at application level.

Whilst you can get the authenticated user from the environment variables, it doesn't work in the opposite direction, and for ASP to communicate with Active Directory using LDAP the webserver needs to be a running as a Domain Controller, which is probably not the best idea for an "external facing" webserver. :D
Back in the days when I had to do that sort of thing as a wage slave, I did play around with running a internal only web site on a secondary DC (Windows 2K) that would accept a POST request from the web box for user authentication. Never completed it though because the company and I decided to have a trial separation, and oddly enough I've never felt the urge for a reconcilliation.

Posting the question forum41 might yield better answers

Chris.

Indifference will be the downfall of mankind, but who cares?
Time flies like an arrow, however, fruit flies like a banana.
Webmaster Forum
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

axLW
  • Locked
  • Question
Line Break in XML String (Classic ASP HTTP Post) for Windows
Replies
6
Views
193
ChrisHirst
ChrisHirst
ahoodin7
  • Locked
  • Question
<object> and Windows 7+ vs Windows XP
Replies
3
Views
93
guitarzan
guitarzan
jsteph
  • Locked
  • Question
AD authentication for ASP Pages? 1
Replies
12
Views
192
foxbox
foxbox
rddragon888
  • Locked
  • Question
Windows version using ASP
Replies
1
Views
44
foxbox
foxbox
cloc
  • Locked
  • Question
Windows2008 & indexing services
Replies
1
Views
55
cloc
cloc

Part and Inventory Search

Sponsor

Back
Top